Libtiff

libtiff

Vendor: Libtiff • 262 CVEs

CVEs (262)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-9448 2Libtiff Opensuse 2Libtiff Opensuse May 13, 2026 Jan 27, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that...Show more The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.Show less
CVE-2016-6223 1Libtiff 1Libtiff May 13, 2026 Jan 23, 2017 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a f...Show more The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer.Show less
CVE-2017-5563 1Libtiff 1Libtiff May 13, 2026 Jan 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
CVE-2016-5323 2Libtiff Opensuse 2Libtiff Opensuse May 13, 2026 Jan 20, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
CVE-2016-5321 2Libtiff Opensuse 2Libtiff Opensuse May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
CVE-2016-5319 1Libtiff 1Libtiff May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file.
CVE-2016-5318 1Libtiff 1Libtiff May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.
CVE-2016-5317 3Libtiff OpensuseOpensuse Project 3Leap LibtiffOpensuse May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a craf...Show more Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.Show less
CVE-2016-5316 3Libtiff OpensuseOpensuse Project 3Leap LibtiffOpensuse May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
CVE-2016-9297 1Libtiff 1Libtiff May 13, 2026 Jan 18, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
CVE-2016-9273 1Libtiff 1Libtiff May 13, 2026 Jan 18, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
CVE-2017-5225 1Libtiff 1Libtiff May 6, 2026 Jan 12, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
CVE-2016-5652 1Libtiff 1Libtiff May 6, 2026 Jan 6, 2017 N/A· v4 7.0 HIGH· v3 6.8 MEDIUM· v2 An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerabili...Show more An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.Show less
CVE-2015-8870 1Libtiff 1Libtiff May 6, 2026 Dec 6, 2016 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted w...Show more Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.Show less
CVE-2016-9540 1Libtiff 1Libtiff May 6, 2026 Nov 22, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."
CVE-2016-9539 1Libtiff 1Libtiff May 6, 2026 Nov 22, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
CVE-2016-9538 1Libtiff 1Libtiff May 6, 2026 Nov 22, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.
CVE-2016-9537 1Libtiff 1Libtiff May 6, 2026 Nov 22, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097.
CVE-2016-9536 1Libtiff 1Libtiff May 6, 2026 Nov 22, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow."
CVE-2016-9535 1Libtiff 1Libtiff May 29, 2026 Nov 22, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Re...Show more tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."Show less

Previous 1...8910...14 Next